GoFuckYourself.com - Adult Webmaster Forum - View Single Post - CjOverkill 2.0.2 released to fix a severe security bug

PowerCum · 10-15-2003, 05:36 AM

CjOverkill 2.0.2 has been released today in order to fix a severe security bug that allows any malicious webmaster to steal traffic, admin credentials and insert malicious code into the targeted site.

Other products vulnerable to this kind of bug are:

TTT, CjUltra, Traffic Drive (all these tested).
Also could be vulnerable EPowerTrader, but I did not get a copy where to test this one.

These scripts creators have 24 hours to contact me for the bug report and proof of concept code (for $100 on paypal). Or to whoever who wants it during the next 24 hours for $150 on paypal too. After these 24 hours the bug report will be available for free to any of my private security database subscribers and any other admin or webmaster who wants to pay $50 on paypal for that.
After several days and the big part of the sites using these scripts get fixed the exploit code will become available to whoever requests it (with testing and research proposes) for $25 or for free (still not decided).

Bug Allows:
Only using a browser and very little knowledge, to steal traffic, put a popup or any other code.
With a bit of more knowledge, steal the admin auth credentials and access to the admin area.

NOTE: no info will be disclosed during the next 6 or 12 hours untill all the CjOverkill driven sites upgrade their version.

For blames, screams or other stuff contact ICQ: 171216535

10-15-2003, 05:36 AM
PowerCum CjOverkill Industry Role: Join Date: Apr 2003 Location: Woldwide Posts: 1,328	CjOverkill 2.0.2 released to fix a severe security bug CjOverkill 2.0.2 has been released today in order to fix a severe security bug that allows any malicious webmaster to steal traffic, admin credentials and insert malicious code into the targeted site. Other products vulnerable to this kind of bug are: TTT, CjUltra, Traffic Drive (all these tested). Also could be vulnerable EPowerTrader, but I did not get a copy where to test this one. These scripts creators have 24 hours to contact me for the bug report and proof of concept code (for $100 on paypal). Or to whoever who wants it during the next 24 hours for $150 on paypal too. After these 24 hours the bug report will be available for free to any of my private security database subscribers and any other admin or webmaster who wants to pay $50 on paypal for that. After several days and the big part of the sites using these scripts get fixed the exploit code will become available to whoever requests it (with testing and research proposes) for $25 or for free (still not decided). Bug Allows: Only using a browser and very little knowledge, to steal traffic, put a popup or any other code. With a bit of more knowledge, steal the admin auth credentials and access to the admin area. NOTE: no info will be disclosed during the next 6 or 12 hours untill all the CjOverkill driven sites upgrade their version. For blames, screams or other stuff contact ICQ: 171216535 __________________ CjOverkill Traffic Trading Script Free, secure and fast traffic trading script. Get your copy now